<?php
/*
iSuS - iScripting.net User System
v1.0 made by Panzer
http://www.iScripting.net
Copyright must stay intact
*/


//If they're already logged in, they don't need to register an account. Redirect them
if ($logged['id']) {
	
	header ( "Location: $siteurl/index.php");
	
	} else {
	
	// Or else they are a guest, they can register..
	
	//If the form hasn't been submitted, show it!
	if (!$_POST['submit']){
	
echo "	<form action='index.php?action=register' method='POST'>
<p><b>Username:</b> <input type='text' name='username' /></p>
<p><b>Password:</b> <input type='password' name='password' /></p>
<p><b>Repeat Password:</b> <input type='password' name='cpassword'></p>
<p><b>Email:</b> <input type='text' name='email' /></p>
<input type='submit' name='submit' value='Register' />
</form> ";
	} else {
	
	//Or else it has.. Secure all the inputs
	$username = secure($_POST['username']);
	$password = secure($_POST['password']);
	$cpassword = secure($_POST['cpassword']);
	$email = secure($_POST['email']);
	
	//Get their IP Address
	$ip = secure($_SERVER['REMOTE_ADDR']);
	
	//And the time they signed up
	$signup = time();
	
	//If anything is empty...
	if(!$username | !$password | !$cpassword | !$email){
	
	echo 'You must fill out all fields';
	
	} else {
	
	//If the passwords dont match
	if ($password != $cpassword) {
	
	echo 'The passwords do not match';
	
	}else{
	
	//If the email they entered wasn't an authentic email..
	if (!isEmail($email)) {
	
	echo 'You didn\'t enter a valid email address';
	
	}else{
	//Is the username that they are trying to use already in use?
	$username_test = mysql_query("SELECT * FROM `users` WHERE username = '$username'");
	
	if (mysql_num_rows($username_test) == 1){
	
	echo 'That username is already in use, please select a different one';
	
	}else{
	
	

	//Encrypt the password
	$encpass = sha1( SALT . $password );
	
	//Insert the user information into the database
	$add = "INSERT INTO `users` VALUES ('', '$username', '$encpass', '$email', '', '','','', '$ip', '$signup', 'user','')";
	
	//If the insert went ok...
	if ( mysql_query($add) ){
	
	//Tell them their user info
	echo 'Success, you are now registered<br />';
	echo 'You can now login using the following information<br /><br />';
	echo "Username: <b>$username</b><br />";
	echo "Password: <b>$password</b><br />";
	
	} else {
	
	echo 'Error, user not added';
	
	}
	}
	}
	}
	}
	}
	}
	
	
	
	
?>	


